VulnerableCode Package Details - pkg:npm/ses@0.14.0

Vulnerabilities affecting this package (3)

Vulnerability	Summary	Fixed by
VCID-d74m-xf5b-vfdj Aliases: CVE-2023-39532 GHSA-9c4h-3f7h-322r	Dynamic import and spread operator provide possible path to arbitrary exfiltration and execution SES is a JavaScript environment that allows safe execution of arbitrary programs in Compartments. In version 0.18.0 prior to 0.18.7, 0.17.0 prior to 0.17.1, 0.16.0 prior to 0.16.1, 0.15.0 prior to 0.15.24, 0.14.0 prior to 0.14.5, an 0.13.0 prior to 0.13.5, there is a hole in the confinement of guest applications under SES that may manifest as either the ability to exfiltrate information or execute arbitrary code depending on the configuration and implementation of the surrounding host. Guest program running inside a Compartment with as few as no endowments can gain access to the surrounding host’s dynamic import by using dynamic import after the spread operator, like `{...import(arbitraryModuleSpecifier)}`. On the web or in web extensions, a `Content-Security-Policy` following ordinary best practices likely mitigates both the risk of exfiltration and execution of arbitrary code, at least limiting the modules that the attacker can import to those that are already part of the application. However, without a `Content-Security-Policy`, dynamic import can be used to issue HTTP requests for either communication through the URL or for the execution of code reachable from that origin. Within an XS worker, an attacker can use the host’s module system to the extent that the host has been configured. This typically only allows access to module code on the host’s file system and is of limited use to an attacker. Within Node.js, the attacker gains access to Node.js’s module system. Importing the powerful builtins is not useful except insofar as there are side-effects and tempered because dynamic import returns a promise. Spreading a promise into an object renders the promises useless. However, Node.js allows importing data URLs, so this is a clear path to arbitrary execution. Versions 0.18.7, 0.17.1, 0.16.1, 0.15.24, 0.14.5, and 0.13.5 contain a patch for this issue. Some workarounds are available. On the web, providing a suitably constrained `Content-Security-Policy` mitigates most of the threat. With XS, building a binary that lacks the ability to load modules at runtime mitigates the entirety of the threat. That will look like an implementation of `fxFindModule` in a file like `xsPlatform.c` that calls `fxRejectModuleFile`.	0.14.5 Affected by 1 other vulnerability. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }} 0.15.24 Affected by 1 other vulnerability. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }} 0.16.1 Affected by 1 other vulnerability. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }} 0.17.1 Affected by 1 other vulnerability. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }} 0.18.7 Affected by 1 other vulnerability. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }}
VCID-ghj9-v2gg-9qfe Aliases: CVE-2025-32792 GHSA-h9w6-f932-gq62	ses's global contour bindings leak into Compartment lexical scope Web pages and web extensions using `ses` and the `Compartment` API to evaluate third-party code in an isolated execution environment that have also elsewhere used `const`, `let`, and `class` bindings in the top-level scope of a `<script>` tag will have inadvertently revealed these bindings in the lexical scope of third-party code.	1.12.0 Affected by 0 other vulnerabilities.
VCID-k6sq-5kt3-93en Aliases: GHSA-whpx-q3rq-w8jc GMS-2022-5773	Hardening of TypedArrays with non-canonical numeric property names in SES ### Impact _What kind of vulnerability is it? Who is impacted?_ In Hardened JavaScript, programs can `harden` objects to safely share objects with co-tenant programs without risk of these other programs tampering with their API surface. Hardening does not guarantee that objects are pure or immutable, so a hardened `Map`, for example is superficially tamper-proof, but any party holding a reference to the object can both read and write its contents. Based on this precedent, and because `TypedArray` instances cannot be frozen with `Object.isFrozen`, `harden` does not `freeze` `TypedArrays` and instead makes them non-extensible and makes all non-indexed properties non-writable and non-configurable. This is consistent with the treatment of `Map` because the indexed properties represent mutable content and non-indexed properties represent the API. Due to a defect in `harden`, properties that have names that parse as numbers but are not the same as the canonical representation of those numbers, as in `"+0"` and `""` which are both equivalent to their canonical number `"0"`, remain writable after hardening. Any program treating one of these properties as part of its API and relying on `harden` to prevent modifications would be vulnerable to an API pollution attack, affecting only instances shared by mutually suspicious parties. Unlike a `Map`, a hardened `TypedArray` can only have numbers for content. Any program that is sharing hardened `TypedArrays` between co-tentant programs and relying on harden to only allow these programs to communicate exclusively by changing numbers within the bounds of the TypedArray, may inadvertently have arranged for a mechanism for a pair of third-parties to communicate arbitrary objects on these other properties. ### Patches _Has the problem been patched? What versions should users upgrade to?_ SES version 0.16.0 patches this issue, causing `harden` to recognize properties with non-canonical numeric representations and ensuring that these properties are non-configurable. ### Workarounds _Is there a way for users to fix or remediate the vulnerability without upgrading?_ Users should avoid sharing `TypedArrays` between co-tenant programs and instead create wrapper objects that produce a read-only view of the underlying data. We allow `harden` to succeed for `TypedArrays` because the treatment is in fact consistent with the behavior of collections like `Map`, but all collections shared between co-tentant programs should probably be attenuated to either read- or write-only facets and probably close over only part of the content of the collection. However, the motivation for allowing `TypedArrays` to be hardened in practice is to allow certain legacy modules to function under Hardened JavaScript with LavaMoat, since they export `TypedArrays`, even though they would ideally export read-only facets of these. ### References _Are there any links users can visit to find out more?_ Not at this time. ### For more information If you have any questions or comments about this advisory: * Email us at [security@agoric.com](mailto:security@agoric.com)	0.16.0 Affected by 2 other vulnerabilities. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }}

Vulnerability

Summary

Fixed by

VCID-d74m-xf5b-vfdj
Aliases:
CVE-2023-39532
GHSA-9c4h-3f7h-322r

Dynamic import and spread operator provide possible path to arbitrary exfiltration and execution SES is a JavaScript environment that allows safe execution of arbitrary programs in Compartments. In version 0.18.0 prior to 0.18.7, 0.17.0 prior to 0.17.1, 0.16.0 prior to 0.16.1, 0.15.0 prior to 0.15.24, 0.14.0 prior to 0.14.5, an 0.13.0 prior to 0.13.5, there is a hole in the confinement of guest applications under SES that may manifest as either the ability to exfiltrate information or execute arbitrary code depending on the configuration and implementation of the surrounding host. Guest program running inside a Compartment with as few as no endowments can gain access to the surrounding host’s dynamic import by using dynamic import after the spread operator, like `{...import(arbitraryModuleSpecifier)}`. On the web or in web extensions, a `Content-Security-Policy` following ordinary best practices likely mitigates both the risk of exfiltration and execution of arbitrary code, at least limiting the modules that the attacker can import to those that are already part of the application. However, without a `Content-Security-Policy`, dynamic import can be used to issue HTTP requests for either communication through the URL or for the execution of code reachable from that origin. Within an XS worker, an attacker can use the host’s module system to the extent that the host has been configured. This typically only allows access to module code on the host’s file system and is of limited use to an attacker. Within Node.js, the attacker gains access to Node.js’s module system. Importing the powerful builtins is not useful except insofar as there are side-effects and tempered because dynamic import returns a promise. Spreading a promise into an object renders the promises useless. However, Node.js allows importing data URLs, so this is a clear path to arbitrary execution. Versions 0.18.7, 0.17.1, 0.16.1, 0.15.24, 0.14.5, and 0.13.5 contain a patch for this issue. Some workarounds are available. On the web, providing a suitably constrained `Content-Security-Policy` mitigates most of the threat. With XS, building a binary that lacks the ability to load modules at runtime mitigates the entirety of the threat. That will look like an implementation of `fxFindModule` in a file like `xsPlatform.c` that calls `fxRejectModuleFile`.

0.14.5
Affected by 1 other vulnerability.

0.15.24
Affected by 1 other vulnerability.

0.16.1
Affected by 1 other vulnerability.

0.17.1
Affected by 1 other vulnerability.

0.18.7
Affected by 1 other vulnerability.

VCID-ghj9-v2gg-9qfe
Aliases:
CVE-2025-32792
GHSA-h9w6-f932-gq62

ses's global contour bindings leak into Compartment lexical scope Web pages and web extensions using `ses` and the `Compartment` API to evaluate third-party code in an isolated execution environment that have also elsewhere used `const`, `let`, and `class` bindings in the top-level scope of a `<script>` tag will have inadvertently revealed these bindings in the lexical scope of third-party code.

1.12.0
Affected by 0 other vulnerabilities.

VCID-k6sq-5kt3-93en
Aliases:
GHSA-whpx-q3rq-w8jc
GMS-2022-5773

Hardening of TypedArrays with non-canonical numeric property names in SES ### Impact _What kind of vulnerability is it? Who is impacted?_ In Hardened JavaScript, programs can `harden` objects to safely share objects with co-tenant programs without risk of these other programs tampering with their API surface. Hardening does not guarantee that objects are pure or immutable, so a hardened `Map`, for example is superficially tamper-proof, but any party holding a reference to the object can both read and write its contents. Based on this precedent, and because `TypedArray` instances cannot be frozen with `Object.isFrozen`, `harden` does not `freeze` `TypedArrays` and instead makes them non-extensible and makes all non-indexed properties non-writable and non-configurable. This is consistent with the treatment of `Map` because the indexed properties represent mutable content and non-indexed properties represent the API. Due to a defect in `harden`, properties that have names that parse as numbers but are not the same as the canonical representation of those numbers, as in `"+0"` and `""` which are both equivalent to their canonical number `"0"`, remain writable after hardening. Any program treating one of these properties as part of its API and relying on `harden` to prevent modifications would be vulnerable to an API pollution attack, affecting only instances shared by mutually suspicious parties. Unlike a `Map`, a hardened `TypedArray` can only have numbers for content. Any program that is sharing hardened `TypedArrays` between co-tentant programs and relying on harden to only allow these programs to communicate exclusively by changing numbers within the bounds of the TypedArray, may inadvertently have arranged for a mechanism for a pair of third-parties to communicate arbitrary objects on these other properties. ### Patches _Has the problem been patched? What versions should users upgrade to?_ SES version 0.16.0 patches this issue, causing `harden` to recognize properties with non-canonical numeric representations and ensuring that these properties are non-configurable. ### Workarounds _Is there a way for users to fix or remediate the vulnerability without upgrading?_ Users should avoid sharing `TypedArrays` between co-tenant programs and instead create wrapper objects that produce a read-only view of the underlying data. We allow `harden` to succeed for `TypedArrays` because the treatment is in fact consistent with the behavior of collections like `Map`, but all collections shared between co-tentant programs should probably be attenuated to either read- or write-only facets and probably close over only part of the content of the collection. However, the motivation for allowing `TypedArrays` to be hardened in practice is to allow certain legacy modules to function under Hardened JavaScript with LavaMoat, since they export `TypedArrays`, even though they would ideally export read-only facets of these. ### References _Are there any links users can visit to find out more?_ Not at this time. ### For more information If you have any questions or comments about this advisory: * Email us at [security@agoric.com](mailto:security@agoric.com)

0.16.0
Affected by 2 other vulnerabilities.

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2026-06-06T05:47:18.697593+00:00	GitLab Importer	Affected by	VCID-ghj9-v2gg-9qfe	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/npm/ses/CVE-2025-32792.yml	38.6.0
2026-06-06T03:06:40.932957+00:00	GitLab Importer	Affected by	VCID-k6sq-5kt3-93en	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/npm/ses/GMS-2022-5773.yml	38.6.0
2026-06-02T04:45:32.164796+00:00	GitLab Importer	Affected by	VCID-d74m-xf5b-vfdj	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/npm/ses/CVE-2023-39532.yml	38.6.0

Next non-vulnerable version	1.12.0
Latest non-vulnerable version	1.12.0
Risk	4.5